Oracle issues more Java security fixes

Following our note Monday that more security vulnerabilities had been found in Oracle’s Java software, the Redwood City corporation on Tuesday issued additional patches to plug the holes.

Noting that the problems affect Java running in Web browsers and not on servers or desktop computer applications, Oracle said in a blog post that it had been aware of one of the holes on Feb. 1. But it said that was “unfortunately too late” for it to fix with a patch issued for Java on Feb. 19.

The blog added that the company had intended to correct the vulnerability in April, but decided to do so now because of reports that cyber crooks already were exploiting it.